CN1691677A - Method, system and apparatus for managing computer identity - Google Patents
Method, system and apparatus for managing computer identity Download PDFInfo
- Publication number
- CN1691677A CN1691677A CNA200510059441XA CN200510059441A CN1691677A CN 1691677 A CN1691677 A CN 1691677A CN A200510059441X A CNA200510059441X A CN A200510059441XA CN 200510059441 A CN200510059441 A CN 200510059441A CN 1691677 A CN1691677 A CN 1691677A
- Authority
- CN
- China
- Prior art keywords
- client
- data record
- hardware
- identifier
- logical identifier
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/02—Addressing or allocation; Relocation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Computer And Data Communications (AREA)
- Storage Device Security (AREA)
- Stored Programmes (AREA)
- Hardware Redundancy (AREA)
Abstract
Embodiments of the present invention provide the ability to accurately match a particular computing device within a networked computing environment with an identity of that computing device. According to one aspect, a method for identifying a client computing device in a networked computing environment is provided. The method receives a discovery data record that includes a hardware identification and a logical identification, and in response, queries a plurality of client records for a matching client record. If a matching client record is identified by the query it is compared with the received discovery data record to identify the client computing device.
Description
The reference of related application
The application requires the U.S. Provisional Application number 60/564 of " system and method for managing computer identity in the asset management application (the System and Method for Managing Computer Identity in an AssetManagement Application) " by name that submitted on April 21st, 2004,069 priority, this application is incorporated herein by reference.
Technical field
The present invention relates generally to computer management, relate in particular to the system, the method and apparatus that are used in the identity of networked computer environments management, affirmation and update calculation equipment.
Background technology
The progress of computing equipment, computer network, software for calculation and network application has increased the diversity and the complexity of networking and disposing computing equipment in networked computer environments.For example, company may often dispose a large amount of computers by Information Services Department's management.Except that the computing equipment of managing in networked computer environments, those computer application programs and hardware are also managed.Computer, computer hardware and be positioned at application program on the computer or the management of software is referred to herein as " asset management ".
Be object computer asset management fully, the computer that is positioned at networked computer environments must identify.In brief, when from the specific computer transmission or the information of reception, the computer that sends information must mate exactly with the identity of this computer.For complete function is provided, with satisfied five requirements of the process need of computer and identities match.The first, computer should be unique and as one man with single identities match.The second, this process should not be subjected to the influence of some variation of the physics of computer or logic configuration.The 3rd, this process should not depend on the identity that the user intervention in the configuration variation process comes the maintenance calculations machine.The 4th, this process should allow to generate new identity, makes unaltered computer can be assigned with a new identity.The 5th, when generating the new identity of computer, the last identity of this computer should be can be identified as no longer to belong to this computer (that is, out-of-date), and new identity should by easily with this computer association.
The typical technology of sign computer may satisfy one or more in these five requirements, but can not satisfy all requirements, therefore can not provide complete function.A kind of typical technology that is used for the computer in the marked network computing environment is distributed the identity of a logical identifier as this computer for each computer.This logical identifier is used to identify this computer.Yet the logical identifier of computer may be replicated, and second computer can use false identity to visit network.The computer access network that allows to have the identity of duplicating causes potential safety problem, and causes inaccurate computer asset management equally.In addition, the change of the physics of the computer that is associated with this logic identity or logic configuration may cause asset management application this logical identifier and computer can't be complementary.In addition, when computer is made configuration change, need user intervention to guarantee that the logic identity of this computer can not lose because of configuration change usually.
The another kind of typical technology that is used for the computer in the marked network computing environment is by using hardware identifier.In this technology, select a hardware, as the hard disk drive of computer, and use the identifier of this hardware to identify computer.Yet the hardware identifier of computer can not be changed, and has therefore eliminated the ability that redeploys this computer under new identity, unless hardware also is modified.In addition, if be replaced or remove from its specific hardware that obtains hardware identifier, then the identity of this certain computer can be lost.
Therefore, need a kind of system, method and apparatus that is used for supervisory computer, it identifies computer exactly, allows computer is made change and the ability of distributing new identity to this computer is provided.In addition, need be a kind of in the system that does not have to realize under the user intervention those purposes.
Summary of the invention
Embodiments of the invention provide the ability that the identity of the particular computing device in the networked computer environments and this computing equipment is mated exactly.According to an aspect, provide a kind of method that is used for the client computes equipment of marked network computing environment.This method receives one and comprises the discovery data record of hardware identifier and logical identifier, and in response, inquires about a plurality of client recordings, to find out the client recording of coupling.If identified the client recording that mates, then itself and the discovery data record that receives are compared, with sign client computes equipment by this inquiry.
According on the other hand, provide a kind of generation to be used to identify the method for the discovery data record of client computes equipment.This method starts by the existing logical identifier and the hardware attributes of searching for this client computes equipment.If located existing logical identifier and hardware attributes, then this method judges whether the hardware attributes of being located is similar to the existing hardware attribute.Be similar to the existing hardware attribute if determine the hardware attributes of being located, then generate one and find data record, it comprises the logical identifier and the hardware identifier of being located.
According to another aspect, provide a kind of computing equipment identity management system, the communication path that it has client computes equipment, finds data management system and be used for transmission information between client computes equipment and discovery data management system.This computing equipment identity management system is configured to carry out a kind of method that is used to identify client computes equipment.This method starts from response and receives the discovery data record from client computes equipment, and judges whether this discovery data record comprises logical identifier.Really comprise logical identifier if find data record, then it judges that then whether this logical identifier is complementary with the logical identifier of client recording.If then obtain client recording.Yet, if the discovery data record that receives does not comprise logical identifier, will compare from the key data of finding data record and the key data of client recording, have the client recording of coupling key data with sign.Use the client recording that is identified, client computes equipment is identified.
Description of drawings
When below reading in conjunction with the accompanying drawings, describing in detail, can understand and understand above-mentioned aspect of the present invention and many other advantages better, in the accompanying drawing:
Fig. 1 is the block diagram according to the networked computer environments of one embodiment of the present of invention, and wherein, computing equipment can be identified;
Shown in Figure 2 is according to one embodiment of the present of invention, the block diagram that the discovery data record in the networked computer environments between client computes equipment and the discovery data management system is submitted to and identified;
Fig. 3 is a flow chart of creating the process of finding data record according to one embodiment of the present of invention;
Shown in Figure 4 is to be used for the block diagram of the client computes equipment mark client computes device sub-routine of marked network computing environment exactly according to one embodiment of the present of invention; And
Fig. 5 is the block diagram that obtains the client recording subroutine that is used to obtain client recording according to one embodiment of the present of invention.
Embodiment
The computing equipment sign is the core feature of arbitrary asset management application.The computing equipment asset management application of the computing equipment in the marked network computing environment is because of the sustain damage of inaccurate assets inventory exactly, and possibly can't make the result of the change that the computing equipment in the networked computer environments is made consistent with those networked computing equipment storehouse inventories.Embodiments of the invention provide the ability that the identity of the particular computing device in the networked computer environments and this computing equipment is mated.The information that receives from computing equipment can be unique and the process that computing equipment and identity are mated of as one man being complementary, and being used for single identity be not subjected to the influence of the change of the physics of computing equipment or logic configuration.In addition, embodiments of the invention do not rely on the accuracy that user intervention in the configuration change process of computing equipment is safeguarded the identity of this computing equipment.In addition, can generate a new identity, make this computing equipment under new identity, in network, to redeploy unaltered computing equipment.In addition, when generating the new identity of computing equipment, the last identity of this computing equipment is identified as and no longer belongs to this computing equipment, and new identity can easily be associated with this computing equipment.
Calculate equipment mark in the networked computer environments although discussion provided herein has been described, yet be appreciated that embodiments of the invention can be used for identifying the communication equipment that can be included in any kind in the network.The example of computing equipment includes but not limited to, personal computer, desktop computer, mobile phone, memory devices, server, database or the like.In addition, although discussion provided herein is used for asset management at the sign computing equipment,, those skilled in the relevant art can be used for the networking application of any kind yet being appreciated that the sign of computing equipment.For example, embodiments of the invention can be used for identifying computing equipment, are used for the wherein directory service of the identity of maintenance calculations equipment and use.
Fig. 1 is the block diagram according to the networked computer environments of one embodiment of the present of invention, and wherein computing equipment can be identified.Particularly, Fig. 1 shows networked environment 100, and it comprises a plurality of " client computes equipment ", as client computer 1101, client computer 2103 and client computer 3105, and " non-client computes equipment ", as computing equipment 125 and computing equipment 127.Client computes equipment as described herein is to comprise client identifying equipment (" CID "), as CID-1 119, CID-2,121 and the computing equipment of CID-3 123.In an embodiment of the present invention, CID may be implemented as software program, software subroutines, software element or the like.Non-client computes equipment as described herein is the computing equipment that does not comprise CID.
Each computing equipment is connected to network 113, and can communicate by letter with finding data management system 107.Network 113 can be the network of any kind, as Intranet, internet, local area network (LAN) (" LAN "), wide area network (" WAN ") or the like.In addition, each computing equipment can be realized by any type of transmission to the connection of network 113.For example, connection can be wireless, wired or infrared.
Find that data management system 107 also is connected to network 113, it comprises the client recording database 109 that comprises client recording 111, each the client computes equipment in its marked network computing environment 100.Find that data management system 107 can be the computing equipment of the arbitrary type that can communicate by letter with network 113, and can comprise be used for network 113 on the software of computing device communication.Understandable as those skilled in the relevant art, in networked computer environments 100, can there be client computes equipment and the non-client computes equipment and the combination thereof of any amount, they all need sign.In addition, in networked computer environments 100, can there be non-client computes equipment.Computing equipment is by being designated client computes equipment with communicating by letter of CID to discovery data management system 107.
After on the computing equipment in adding networked computer environments 100 to, and in later time at interval, CID generates and finds data record, as DDR-1, DDR-2 and DDR-3, and sends it to discovery data management system 107.Find that data record comprises " logic ID " and " hardware ID ", the computing equipment that they all are used for identifying CID exactly and are positioned at.Logic ID is the generating at random but unique value of logic identity that is used to represent this client computes equipment.Hardware ID is based on the identifier that the various attribute certainty ground of the hardware of client computes equipment generates, and it is used to represent the physical identity of client computes equipment.
After the computing equipment that is positioned at networked computer environments 100 adds CID, and in later time at interval, send and find data record, come more new discovery data management system 107 with state according to client computes equipment.For example, find that data record can be generated by CID, and find data management system 107 from sending to once in a week such as client computes equipment such as client computer 2 103.The transmission that the discovery data are recorded on the different time points is notified to the discovery data management system, and client computes equipment is still movable, and is in its current state in networked computer environments 100.
Find that data record also can be generated and sent discovery data management system 107 by the equipment except that CID.For example, find that data record can receive from query facility, it does not comprise CID and is not the computing equipment of client computer thus to networked computer environments 100 inquiries.The discovery data record that is generated by non-CID comprises the general information about the computing equipment in the networked computer environments.This kind equipment can be used for the initial filling of the client recording database of the computing equipment in the networked computer environments.In addition, this kind equipment can be used for sign and is in the networked computer environments, but is not those computing equipments of finding the client computer of data management system.
Logic ID such as logic ID 2 115 such as client computer 2 103 are generated at random and are stored on the client computes equipment by CID.As long as CID determines that it resides in same client computes and establishes on each, this logic ID just is maintained fixed.For example, the disk image that will comprise CID is transferred to another from a computing equipment and may causes CID to generate a new logical identifier.In addition, the main hardware to client computes equipment changes a new logical identifier of CID generation that may cause this client computes equipment.
In addition, logical identifier can be changed by reinstall operating system on client computes equipment by the user, perhaps changes when the logical identifier of preserving is destroyed.
Except that the discovery data record that comprises logic ID and hardware ID, also can be included in about the additional data of client computer and client computes equipment and to find in the data record.Additional data can comprise the hardware list on the OS Type, client computes device name, client computes equipment of type, the client computes equipment of release type, the client computes equipment of client computes equipment, the software matrix on the client computes equipment or the like.Some additional data also can be considered to be used for further confirm " key data " of the identity of this client computes equipment.Generally speaking, key data comprises individually the attribute (as hardware attributes) that obtains, its each can have the high likelihood that identifies computer uniquely.For example, key data can include but not limited to, but CID name, client computes device name client identifier position.
Find the identity of the All Clients on the data management system 107 networking management computing environment 100.Particularly, find that data management system 107 handles the discovery data record that receives, the discovery information of upgrading existing customer's machine record, and creates the New Client record for new client computer of adding.Client recording 111 comprises logic ID, hardware ID and the additional data to find that data record format sends from client computes equipment.Client recording is stored in by in the client recording database 109 of finding data management system 107 maintenances.Understandable as those skilled in the relevant art, the client recording database can comprise the database of arbitrary type, as relational database, hypertext data storehouse, flat file database or the like.
Shown in Figure 2 is according to one embodiment of the present of invention, the block diagram that the discovery data record between client computes equipment 201 in networked computer environments 200 and the discovery data management system 203 is submitted to and identified.As described in more detail below, the CID 207 on the client computes equipment 201 obtains and/or generates the discovery data record that sends to discovery data management system 203.For example, if CID 207 is added to networked computer environments 200 for the first time, then it can generate the discovery data record of the unique logic ID, hardware ID and the additional data that comprise sign client computes equipment 201.Perhaps, if CID 207 and client computes equipment 201 have been the parts of networked computer environments 200, then CID 207 uses the logic ID of storage and the hardware ID of storage to compile and send the discovery data record.This discovery data record is sent to finds data management system 203, is used for sign and state and upgrades purpose.
After will finding that data record sends to discovery data management system 203 from client computes equipment 201, the discovery data management system is communicated by letter with client recording database 205, and whether the information that is included in judgement in the discovery data record that receives is complementary with the client recording that is stored in the client recording database 205.If the coupling of finding, then client computes equipment 201 is identified as existing customer's machine, and as needing, then upgrades client recording.In case identified, can allow client computes equipment 201 to carry out xcopy and obtain store information or the like on out of Memory, the server in network then from the server in the network.In addition, the identity of the client computes equipment 201 in the networked computer environments 200 allows to find data management system 203 query client computing equipments 201 and/or the additional information that receives about the state of this client computer from client computes equipment 201, the inventory of assets accurately of maintain customer computer equipment 201 thus.
For example, after having identified client computes equipment 201, client computes equipment 201 can be to finding that data management system provides the hardware that is positioned on the client computes equipment 201 and the sign of the software on the client computes equipment 201, and about the out of Memory of client computes equipment 201, it is by finding that data management system 203 safeguards as the part of its asset management routine.In an alternative embodiment, this information can be used as with a part of finding the additional data that data record sends and is included.
Shown in Figure 3 is the flow chart of creating the process of finding data record according to one embodiment of the present of invention.Fig. 3-5 shows can be according to the different routines of embodiments of the invention realization.Fig. 3-5 shows the piece that is used to carry out specific function.In an alternative embodiment, can use more or less piece.In one embodiment of the invention, piece can be represented software program, software object, software function, software subroutines, software approach, software instances, code snippet, hardware operation or user's operation alone or in combination.
Refer again to Fig. 3, create to find that data record routine 300 begins at piece 301 places, at piece 303, search client computes equipment is with the logic ID of finding out storage and the hardware attributes of storage.In one embodiment of the invention, creating discovery routine 300 can be carried out by the CID on the client computes equipment.If computing equipment has been a client computer of finding data management system, then logic ID and hardware attributes can be stored on the computing equipment.For example, as mentioned above, after the CID in the initialization networked computer environments, for the client computes equipment that this CID was positioned at generates a unique logic ID.This logic ID is stored on the client computes equipment.In addition, the hardware attributes when creating logic ID also is determined, and is stored on the client computes equipment.
In decision block 305, judge whether this CID can locate the logic ID of storage.If,, create the unique logic ID that is used for this specific client computing equipment then at piece 307 in decision block 305 definite logic ID that do not have storage.This logic ID is stored on the client computes equipment then.In addition, determine the hardware attributes of this client computes equipment, and it is stored on the client computes equipment, shown in piece 309.At piece 311, the hardware attributes of use determining is created hardware ID and it is stored on the client computes equipment.As mentioned above, hardware ID is the unique hardware identifier of a specific hardware being used for existing on the client computes equipment.In an alternative embodiment, hardware ID can be created by the combination of the hwid of client computes equipment.For example, the system BIOD of client computes equipment and MAC Address can be merged and create hardware ID.
Refer again to decision block 305,,, judge whether the hardware attributes of the storage on the client computes equipment is similar to the existing hardware attribute of client computes equipment then in decision block 313 if determine to have existing logic ID on the client computes equipment really.Whether the hardware attributes that judge to store is similar to the existing hardware attribute changes for routine provides some that allow in the client computes equipment, and the ability that still can continue to use the logic ID of storage to come precise marking client computes equipment.If determine that in decision block 313 hardware attributes that stores is not similar to the existing hardware attribute,,, and it is stored on the client computes equipment for this client computes equipment is created new logic ID then at piece 317.In addition, at piece 319, the existing hardware attribute also is stored on the client computes equipment.At piece 321, create hardware ID, and it is stored on the client computes equipment.At piece 323, create to find that data record routine 300 generates and find data record that it comprises the logic ID (piece 317) of new establishment, the hardware ID of creating in the last logic ID of decision block 305 signs, at piece 321 and the additional data about client computes equipment and CID that comprises key data.This discovery data record is sent to the discovery data management system.
Refer again to decision block 313, be similar to the existing hardware attribute,, use the logic ID of storage and the hardware ID generation of storage to find data record then at piece 315 if determine the hardware attributes that stores.Creating discovery data record routine 300 finishes at piece 325.
Shown in Figure 4 is according to one embodiment of the present of invention, is used for the block diagram of the client computes equipment mark client computes device sub-routine in the marked network computing environment exactly.In one embodiment of the invention, sign client computes device sub-routine 400 is carried out in response to receiving the discovery data record by the discovery data management system.
Sign client computes device sub-routine 400 is in piece 401 beginnings, and at piece 403, data record is found in reception.Find data record in response to receiving, at piece 405, the query client database of record is to find out the not out-of-date client recording of coupling.In one embodiment of the invention, by inquiring about to client recording and being included in the logic ID that the logic ID in the discovery data record that receives is complementary, come the query client database of record, to find out the not out-of-date client recording of coupling.Being used for obtaining not the subroutine of out-of-date client recording from the client recording database describes in more detail with reference to figure 5.
In decision block 407, judge whether to have obtained client recording from the client recording database.If determine to have obtained client recording from the client recording database in decision block 407, then at piece 409, coupling client recording and the discovery data record that receives are compared, and this client recording update package is contained in the discovery data record that receives, but is not included in any extra or different data of mating in the client recording.
Refer again to piece 407, do not obtain the coupling client recording if determine from the client recording database, then at piece 411, it is out-of-date that all not out-of-date client recordings that have the hardware ID identical with hardware ID in the discovery data record that receives in the client recording database are labeled as.In an alternative embodiment, all not out-of-date records that will have same hardware ID be labeled as out-of-date before, but whether have not out-of-date record more than in the judgment data storehouse with same hardware ID.In this embodiment, if there is not out-of-date matched record more than, then hardware ID generates failure, and thus, it is out-of-date that the not out-of-date record of neither one is marked as.Yet if having only one to be marked as the not out-of-date record with coupling hardware ID, it is out-of-date that it is labeled as, shown in piece 411.
In decision block 413, judge whether the discovery data record that receives comprises previous logic ID.Really comprise previous logic ID if determine the data record that receives, then at piece 415, it is out-of-date that all not out-of-date client recordings that will comprise the logic ID that is complementary with previous logic ID are labeled as.Not out-of-date record is labeled as out-of-date this client recording that shows no longer represents to find the current client computer of data management system.
If determine that in decision block 413 the discovery data record that receives does not comprise previous logic ID, or client recording is being labeled as out-of-date (piece 415) afterwards, at piece 417, generate new client recording, it comprises the information that is included in the discovery data record that receives.Particularly, the New Client record comprises the logic ID that receives, hardware ID and the additional data that is included in the discovery data record that receives.
In decision block 419, judge that whether the discovery data record receive is that client computer from network receives.As mentioned above, can generate the discovery data record, not comprise the computing equipment of CID in the marked network computing environment.If be not included in the logic ID in the discovery data record that receives, can determine that then this discovery data record does not receive from client computer.In another example, can check such as additional datas such as Client version or client seats in the plane, with the discovery data record determining to receive whether from client computer.
If determine to find that in decision block 419 data record receives from client computer, then this record is made as activity, to show that to routine 400 the client computes equipment that is associated with this client recording is the active client of networked computer environments, shown in piece 421.If determine that in decision block 419 the discovery data record that receives is not from client computes equipment, or after piece 431 was made as activity with record, routine 400 finished at piece 423.
Fig. 5 is according to one embodiment of the present of invention, is used to obtain the not block diagram that obtains client recording subroutine 500 of out-of-date client recording.Fig. 5 has described in more detail what piece 405 (Fig. 4) above related to and has obtained the not routine of out-of-date client recording from the client recording database.Obtain not out-of-date client recording subroutine 500 in piece 501 beginnings, and, receive and find data record at piece 503.In decision block 505, judge whether the discovery data record that receives comprises logic ID.If determine that in decision block 505 the discovery data record that receives comprises logic ID, whether then in decision block 507, judging has the not out-of-date client recording of the coupling that comprises same logic ID in the client recording database.If determine to exist the not out-of-date client recording of coupling in decision block 507, then obtain this record, and subroutine finished at piece 509.
Yet, if at decision block 507 definite not out-of-date client recordings of coupling that do not have same logic ID, then at piece 511, the key data that subroutine 500 requirements will be included in the client recording accurately mates with the key data that is included in the discovery data record that receives.After the accurate coupling of subroutine 500 requirements was set, it advanced to piece 513.Perhaps, if determine that in decision block 505 the discovery data record that receives does not comprise logic ID, then subroutine 500 advances to piece 513.
At piece 513, subroutine 500 identifies the not out-of-date client recording of maximum data that the data in the discovery data record that comprises and receive are complementary from the client recording database.If have the not out-of-date client recording that has the identical match data volume more than, then obtain nearest record.In decision block 514, judge whether to have obtained record.If do not obtain record, then subroutine is finished, and does not return any record, shown in piece 525.The not out-of-date record of the data that the discovery data record that if there is no has and receive is complementary then can not obtain record.If determine to have obtained record in decision block 514, then in decision block 515, judge obtain not out-of-date client recording subroutine 500 whether requirement the key data of this client recording key data with the discovery data record that receives is accurately mated.If determine not require accurate coupling, then obtain not out-of-date client recording, and subroutine is finished at piece 517 in decision block 515.
Yet if determine that in decision block 515 subroutines 500 require the accurate coupling of key data, in decision block 519, whether all key datas of judging the discovery data record that receives are complementary with the key data of client recording.If determine that in decision block 519 all key datas accurately mate,, judge whether this client recording comprises logical identifier then in decision block 521.If determine that in decision block 521 client recording does not comprise logical identifier, then obtain this record, and subroutine finished at piece 523.Yet, if determine that in decision block 521 client recording comprises logical identifier, the possibility that exists client recording not to be associated with the discovery data record that receives really.Thus, do not obtain client recording, and do not return any record, shown in piece 525.In addition, if determine that in decision block 519 all key datas all do not match,, do not return any client recording, and subroutine is finished then at piece 525.
Although illustrate and described preferred embodiment of the present invention, yet be appreciated that and under the situation that does not break away from the spirit and scope of the present invention, make various changes therein.
Claims (34)
1. a method that is used for the client computes equipment of marked network computing environment is characterized in that, comprises;
Receive one and find data record, wherein, described discovery data record comprises a hardware identifier and a logical identifier;
Inquire about a plurality of client recordings, to find out the client recording of coupling; And
If in described inquiry, identified the client recording of coupling, then the client recording of described coupling and received discovery data record compared, to identify described client computes equipment.
2. the method for claim 1 is characterized in that, described hardware identifier is the unique identifier of described client computes equipment.
3. the method for claim 1 is characterized in that, described hardware identifier is the sequence number of the basic input/output of described client computes equipment.
4. the method for claim 1 is characterized in that, described hardware identifier is the media interviews control Internet protocol address of described client computes equipment.
5. the method for claim 1 is characterized in that, described hardware identifier is the Asset Tag of described client computes equipment.
6. the method for claim 1 is characterized in that, described hardware identifier is the combination of a plurality of hwids.
7. the method for claim 1 is characterized in that, described logical identifier is to generate number at random.
8. the method for claim 1 is characterized in that, described logical identifier is the unique identification that is used for described client computes equipment.
9. the method for claim 1 is characterized in that, described logical identifier can be changed.
10. method as claimed in claim 9 is characterized in that, described logical identifier can change by the operating system of reinstalling described client computes equipment.
11. method as claimed in claim 9 is characterized in that, described logical identifier can change by the nextport hardware component NextPort that changes in the described client computes equipment.
12. method as claimed in claim 9 is characterized in that, described logic identification can be changed by the user.
13. the method for claim 1 is characterized in that, inquires about a plurality of client recordings and comprises that with the client recording of finding out coupling each the logical identifier with received logical identifier and described a plurality of client recordings compares.
14. the method for claim 1 is characterized in that, described coupling client recording and received discovery data record is compared comprise and judge that whether received hardware identifier is complementary with the hardware identifier of described coupling client recording.
15. the method for claim 1 is characterized in that, also comprises:
If in described inquiry, identified the client recording of a coupling, then upgrade the client recording of described coupling, included with the extraneous information that will be included in the received discovery data record.
16. method as claimed in claim 15 is characterized in that, the client recording that upgrades described coupling comprises the hardware identifier of the client recording that upgrades described coupling, to comprise received hardware identifier.
17. the method for claim 1 is characterized in that, the client recording of described coupling and received discovery data record is mated comprise and judge whether received discovery data record comprises previous logical identifier; And
Comprise previous logical identifier in response to definite received discovery data record, it is out-of-date that each of a plurality of client recordings that will comprise the logical identifier that is complementary with received previous logical identifier is labeled as.
18. the method for claim 1 is characterized in that, also comprises:
If not marking matched client recording in described inquiry, it is out-of-date that each of described a plurality of client recordings that then will comprise the hardware identifier that is complementary with received hardware identifier is labeled as.
19. the method for claim 1 is characterized in that, the client recording of described coupling and received discovery data record is compared comprise and judge whether received discovery data record comprises previous logical identifier; And
Comprise previous logical identifier in response to definite received discovery data record, will comprise with each of described a plurality of client recordings of the logical identifier of received previous logical identifier be labeled as out-of-date; And
Create a new client recording.
20. the method for claim 1 is characterized in that, also comprises:
In response to the client recording of described coupling and received discovery data record are compared, the client recording of described coupling is made as activity.
21. a generation is used to identify the method for the discovery data record of client computes equipment, it is characterized in that, comprising:
The existing logical identifier and the hardware attributes of search client computes equipment;
If located existing logical identifier and hardware attributes, judge then whether the hardware attributes of being located is similar to the existing hardware attribute; And
Be similar to the existing hardware attribute if determine the hardware attributes located, generate and comprise the logical identifier of being located and the discovery data record of hardware identifier.
22. method as claimed in claim 21 is characterized in that, also comprises:
Be not similar to the existing hardware attribute if determine the hardware attributes of being located:
Create a new logical identifier;
Create a hardware identifier; And
Generation comprises the discovery data record of described new logic sign and described hardware identifier.
23. method as claimed in claim 22 is characterized in that, the discovery data record that is generated also comprises the logical identifier of being located.
24. method as claimed in claim 22 is characterized in that, the discovery data record that is generated also comprises key data.
25. method as claimed in claim 21 is characterized in that, the discovery data record that is generated comprises key data.
26. method as claimed in claim 21 is characterized in that, also comprises:
If existing logical identifier of no-fix and hardware attributes are then created a new logical identifier;
Create a hardware identifier; And
Generation comprises the discovery data record of described new logic sign and described hardware identifier.
27. method as claimed in claim 21 is characterized in that, described hardware identifier is to generate from the existing hardware attribute of described client computes equipment.
28. method as claimed in claim 21 is characterized in that, described logical identifier is to generate number at random.
29. method as claimed in claim 21 is characterized in that, described logical identifier is the unique identification that is used for described client computes equipment.
30. method as claimed in claim 21 is characterized in that, described logical identifier can be changed.
31. have client computes equipment, finding data management system and be used for the computing equipment identity management system of the communication path of transmission information between described client computes equipment and described discovery data management system, a kind of method that is used to identify client computes equipment comprises:
Receive one from described client computes equipment and find data record;
Judge whether described discovery data record comprises logical identifier;
If determine that described discovery data record comprises logical identifier:
Judge that whether described logical identifier is complementary with the logical identifier of a client recording;
Obtain described client recording;
If determine that described discovery data record does not comprise logical identifier:
Obtain the client of the key data that comprises that the key data with described discovery data record is complementary
The machine record; And
Identify described client computes equipment based on the client recording that is obtained.
32. method as claimed in claim 31 is characterized in that, also comprises:
Be not complementary with the logical identifier of a client recording if determine described logical identifier, whether the key data of then judging described client recording is complementary with the key data of described discovery data record; And
Be complementary in response to the key data of determining described client recording and the key data of described discovery data record, obtain described client recording.
33. method as claimed in claim 32, it is characterized in that, obtain described client recording and comprise, be complementary, judge whether described client recording comprises logical identifier in response to all data of determining described client recording and the additional data of described discovery data record; And
If determine that described client recording comprises logical identifier, obtain described client recording.
34. method as claimed in claim 31 is characterized in that, the client recording that obtains the additional data that comprises that the key data with described discovery data record is complementary comprises:
Judge whether described discovery data record comprises than the more additional data of described client recording; And
If comprising, definite described discovery data record then replaces described client recording with described discovery data record than the more additional data of described client recording.
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US56406904P | 2004-04-21 | 2004-04-21 | |
US60/564,069 | 2004-04-21 | ||
US10/926,686 US8554889B2 (en) | 2004-04-21 | 2004-08-26 | Method, system and apparatus for managing computer identity |
US10/926,686 | 2004-08-26 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1691677A true CN1691677A (en) | 2005-11-02 |
CN1691677B CN1691677B (en) | 2010-06-09 |
Family
ID=34939154
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200510059441XA Expired - Fee Related CN1691677B (en) | 2004-04-21 | 2005-03-21 | Method, system and apparatus for managing computer identity |
Country Status (7)
Country | Link |
---|---|
US (1) | US8554889B2 (en) |
EP (1) | EP1589691B1 (en) |
JP (1) | JP4799018B2 (en) |
KR (1) | KR101143217B1 (en) |
CN (1) | CN1691677B (en) |
AT (1) | ATE395762T1 (en) |
DE (1) | DE602005006654D1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102427462A (en) * | 2012-01-13 | 2012-04-25 | 潘薇 | 'Gene network identity management' method based on depth identification and registration |
CN114616549A (en) * | 2019-11-01 | 2022-06-10 | 微软技术许可有限责任公司 | Selectively throttling implementation of configuration changes in an enterprise |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7089306B2 (en) | 2002-04-18 | 2006-08-08 | Bdna Corporation | Apparatus and method to automatically collect data regarding assets of a business entity |
US20060129415A1 (en) | 2004-12-13 | 2006-06-15 | Rohit Thukral | System for linking financial asset records with networked assets |
US9547780B2 (en) | 2005-03-28 | 2017-01-17 | Absolute Software Corporation | Method for determining identification of an electronic device |
ES2328708T3 (en) * | 2005-10-04 | 2009-11-17 | Swisscom Ag | PROCEDURE TO ADAPT THE SAFETY RULES OF A COMMUNICATION STATION AND COMMUNICATION STATION. |
AU2007227214A1 (en) * | 2006-03-20 | 2007-09-27 | Absolute Software Corporation | Method for determining identification of an electronic device |
EP2537099B1 (en) * | 2010-02-15 | 2016-01-06 | Telefonaktiebolaget L M Ericsson (PUBL) | Network node for detecting a communication device |
US10565629B2 (en) * | 2011-10-11 | 2020-02-18 | Carrier Services Group, Inc. | Computerized valuation of electronic equipment |
US9134983B2 (en) | 2012-01-09 | 2015-09-15 | International Business Machines Corporation | Uniquely identifying a machine |
US20140222989A1 (en) * | 2013-02-04 | 2014-08-07 | Ricoh Company, Ltd. | Management of device management units |
US10305747B2 (en) * | 2016-06-23 | 2019-05-28 | Sap Se | Container-based multi-tenant computing infrastructure |
WO2018136041A1 (en) * | 2017-01-18 | 2018-07-26 | Hewlett-Packard Development Company, L.P. | Software package installations with proximity tags |
US10638301B2 (en) | 2017-04-10 | 2020-04-28 | Bdna Corporation | Classification of objects |
US10313200B2 (en) | 2017-09-15 | 2019-06-04 | Bdna Corporation | Unix file and process mapping |
Family Cites Families (46)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5588119A (en) | 1993-08-23 | 1996-12-24 | Vincent; Ronald | Method for correlating logical device names with a hub port in a local area network |
US5757924A (en) * | 1995-09-18 | 1998-05-26 | Digital Secured Networks Techolognies, Inc. | Network security device which performs MAC address translation without affecting the IP address |
US6185184B1 (en) * | 1995-09-25 | 2001-02-06 | Netspeak Corporation | Directory server for providing dynamically assigned network protocol addresses |
US5724510A (en) * | 1996-09-06 | 1998-03-03 | Fluke Corporation | Method of configuring a valid IP address and detecting duplicate IP addresses in a local area network |
US5974453A (en) * | 1997-10-08 | 1999-10-26 | Intel Corporation | Method and apparatus for translating a static identifier including a telephone number into a dynamically assigned network address |
US6055574A (en) * | 1998-03-10 | 2000-04-25 | Unisys Corporation | Method of providing a service through a server with a virtual single network address |
JP3861464B2 (en) | 1998-07-17 | 2006-12-20 | カシオ計算機株式会社 | Terminal system |
US6360334B1 (en) * | 1998-11-30 | 2002-03-19 | Rockwell Collins, Inc. | Method and apparatus for verifying a software configuration of a distributed system |
EP1142227A2 (en) * | 1998-12-23 | 2001-10-10 | Nokia Wireless Routers, Inc. | A unified routing scheme for ad-hoc internetworking |
US6697948B1 (en) * | 1999-05-05 | 2004-02-24 | Michael O. Rabin | Methods and apparatus for protecting information |
US6684243B1 (en) * | 1999-11-25 | 2004-01-27 | International Business Machines Corporation | Method for assigning a dual IP address to a workstation attached on an IP data transmission network |
US6466986B1 (en) * | 1999-12-30 | 2002-10-15 | Nortel Networks Limited | Method and apparatus for providing dynamic host configuration protocol (DHCP) tagging |
US6691170B1 (en) * | 2000-03-28 | 2004-02-10 | Intel Corporation | Method and apparatus for simplifying addressing of a networked device |
GB2361141B (en) | 2000-04-07 | 2002-09-18 | 3Com Corp | Discovery of phones on a network, such as a LAN |
GB2362060B (en) | 2000-04-12 | 2002-04-24 | 3Com Corp | Efficient method of deducing network topology including endstations |
US6862286B1 (en) * | 2000-05-08 | 2005-03-01 | 3Com Corporation | Tracking dynamic addresses on a network |
US7240364B1 (en) * | 2000-05-20 | 2007-07-03 | Ciena Corporation | Network device identity authentication |
JP3874593B2 (en) * | 2000-06-12 | 2007-01-31 | 株式会社日立製作所 | Computer identification device |
US6691227B1 (en) * | 2000-09-08 | 2004-02-10 | Reefedge, Inc. | Location-independent packet routing and secure access in a short-range wireless networking environment |
JP2002123396A (en) | 2000-10-12 | 2002-04-26 | Ntt Comware Corp | Method and system for distributing application and controlling inventory |
US7107326B1 (en) * | 2000-10-13 | 2006-09-12 | 3Com Corporation | Method and system for integrating IP address reservations with policy provisioning |
US6854072B1 (en) * | 2000-10-17 | 2005-02-08 | Continuous Computing Corporation | High availability file server for providing transparent access to all data before and after component failover |
JP3763393B2 (en) | 2000-10-26 | 2006-04-05 | シャープ株式会社 | COMMUNICATION SYSTEM, TERMINAL DEVICE, RECORDING MEDIUM RECORDING REPRODUCTION PROGRAM, SERVER DEVICE, AND RECORDING MEDIUM RECORDING SERVER PROGRAM |
US7068597B1 (en) * | 2000-11-27 | 2006-06-27 | 3Com Corporation | System and method for automatic load balancing in a data-over-cable network |
US6996085B2 (en) * | 2000-12-22 | 2006-02-07 | Nortel Networks Limited | System, device, and method for providing network access in a communication system |
US7127524B1 (en) * | 2000-12-29 | 2006-10-24 | Vernier Networks, Inc. | System and method for providing access to a network with selective network address translation |
DE10065684A1 (en) * | 2000-12-29 | 2002-07-18 | Aladdin Knowledge Systems Gmbh | System and method for granting permission to run a program installed on a computer |
JP3600161B2 (en) | 2001-01-19 | 2004-12-08 | パナソニック モバイルコミュニケーションズ株式会社 | Duplicate terminal discovery method |
US7218739B2 (en) | 2001-03-09 | 2007-05-15 | Microsoft Corporation | Multiple user authentication for online console-based gaming |
US7068654B1 (en) * | 2001-04-18 | 2006-06-27 | 3Com Corporation | System and method for providing masquerading using a multiprotocol label switching |
US6782350B1 (en) * | 2001-04-27 | 2004-08-24 | Blazent, Inc. | Method and apparatus for managing resources |
JP2002351565A (en) | 2001-05-23 | 2002-12-06 | Interstate:Kk | System, method and program for preventing illegal use |
US6963909B1 (en) * | 2001-07-24 | 2005-11-08 | Cisco Technology, Inc. | Controlling the response domain of a bootP/DHCP server by using network physical topology information |
GB2380004A (en) * | 2001-07-27 | 2003-03-26 | Virtual Access Ireland Ltd | A configuration and management development system for a netwok of devices |
CA2363411A1 (en) * | 2001-11-21 | 2003-05-21 | Platespin Canada Inc. | System and method for provisioning software |
US8817757B2 (en) * | 2001-12-12 | 2014-08-26 | At&T Intellectual Property Ii, L.P. | Zero-configuration secure mobility networking technique with web-based authentication interface for large WLAN networks |
KR20030065064A (en) * | 2002-01-29 | 2003-08-06 | 삼성전자주식회사 | Method for managing domain name |
JP2004110081A (en) | 2002-07-23 | 2004-04-08 | Sony Corp | Identification information discriminating method, information service method and information service system |
US20040111642A1 (en) * | 2002-12-05 | 2004-06-10 | Amir Peles | Content security by network switch |
US20040199621A1 (en) * | 2003-04-07 | 2004-10-07 | Michael Lau | Systems and methods for characterizing and fingerprinting a computer data center environment |
US8041957B2 (en) * | 2003-04-08 | 2011-10-18 | Qualcomm Incorporated | Associating software with hardware using cryptography |
US20050005026A1 (en) * | 2003-07-03 | 2005-01-06 | International Business Machines Corporation | Method and apparatus for managing a remote data processing system |
WO2005022893A2 (en) * | 2003-08-29 | 2005-03-10 | Arris International Inc. | Method and system for layer-3 subscriber login in a cable data network |
JP2005100270A (en) * | 2003-09-26 | 2005-04-14 | Minolta Co Ltd | Printing control program and printer |
US7180422B2 (en) * | 2003-12-29 | 2007-02-20 | Intel Corporation | Asset management methods and apparatus |
US8204978B2 (en) * | 2004-02-09 | 2012-06-19 | Hewlett-Packard Development Company, L.P. | Client-side auto-rediscovery for networked devices |
-
2004
- 2004-08-26 US US10/926,686 patent/US8554889B2/en not_active Expired - Fee Related
-
2005
- 2005-03-18 JP JP2005079937A patent/JP4799018B2/en not_active Expired - Fee Related
- 2005-03-18 KR KR1020050022713A patent/KR101143217B1/en not_active IP Right Cessation
- 2005-03-21 CN CN200510059441XA patent/CN1691677B/en not_active Expired - Fee Related
- 2005-04-06 DE DE602005006654T patent/DE602005006654D1/en active Active
- 2005-04-06 EP EP05102691A patent/EP1589691B1/en not_active Not-in-force
- 2005-04-06 AT AT05102691T patent/ATE395762T1/en not_active IP Right Cessation
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102427462A (en) * | 2012-01-13 | 2012-04-25 | 潘薇 | 'Gene network identity management' method based on depth identification and registration |
CN114616549A (en) * | 2019-11-01 | 2022-06-10 | 微软技术许可有限责任公司 | Selectively throttling implementation of configuration changes in an enterprise |
Also Published As
Publication number | Publication date |
---|---|
EP1589691A2 (en) | 2005-10-26 |
CN1691677B (en) | 2010-06-09 |
ATE395762T1 (en) | 2008-05-15 |
EP1589691A3 (en) | 2006-08-23 |
KR20060044411A (en) | 2006-05-16 |
US20050256973A1 (en) | 2005-11-17 |
DE602005006654D1 (en) | 2008-06-26 |
JP2005310119A (en) | 2005-11-04 |
KR101143217B1 (en) | 2012-05-18 |
EP1589691B1 (en) | 2008-05-14 |
JP4799018B2 (en) | 2011-10-19 |
US8554889B2 (en) | 2013-10-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1691677A (en) | Method, system and apparatus for managing computer identity | |
CN111459985B (en) | Identification information processing method and device | |
US10534577B2 (en) | System and method for resource reconciliation in an enterprise management system | |
US8255409B2 (en) | Systems and methods for generating a change log for files in a managed network | |
US7428587B2 (en) | Generating globally unique device identification | |
US6535874B2 (en) | Technique for providing a universal query for multiple different databases | |
US8429256B2 (en) | Systems and methods for generating cached representations of host package inventories in remote package repositories | |
US8806471B2 (en) | Upgrade and downgrade in package update operations | |
CN107391758B (en) | Database switching method, device and equipment | |
US20070234331A1 (en) | Targeted automatic patch retrieval | |
US20060064619A1 (en) | Method and/or system for identifying information appliances | |
US20110296394A1 (en) | Systems and methods for generating cached representations of encoded package profile | |
US20050278395A1 (en) | Remotely identifying software on remote network nodes by discovering attributes of software files and comparing software file attributes to a unique signature from an audit table | |
CN102460398A (en) | Source classification for performing deduplication in a backup operation | |
EP2361465B1 (en) | Retrieving configuration records from a configuration management database | |
US20110265073A1 (en) | Systems and methods for generating encoded identifications of selected subsets of installed software packages on a client machine | |
EP2275949A1 (en) | Content identification method and system, content management client and server | |
CN1841320A (en) | Method and system for managing dynamic configuration data | |
CN1741448A (en) | Method and system for client computer self health check | |
US9772834B2 (en) | Exportable encoded identifications of networked machines | |
CN112905616B (en) | Storage system of block chain account book | |
US20080098382A1 (en) | Method and system for management of interim software fixes | |
CN111858486A (en) | File classification method and device | |
US20040153748A1 (en) | Method for configuring a data processing system for fault tolerance | |
CN111368039A (en) | Data management system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C17 | Cessation of patent right | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20100609 Termination date: 20140321 |